Martin Tyrer joined Capgemini in September 2011 through our graduate scheme. Currently working as part of a Security Incident, Forensic & Investigation Team, as he approached the end of the graduate programme, he took time to reflect on his experience of the scheme and explain why he selected Capgemini.
"I developed a passion for cyber security having taken a number of related modules while completing a degree in Management and Information Technology at Lancaster University",writes Martin. "In fact, I chose to qualify as a Certified Ethical Hacker (CEH) before joining Capgemini’s graduate scheme to further my career.
"I chose Capgemini, in favour of other companies with otherwise seemingly similar offerings, as its collaborative approach and the inclusion of honesty, modesty and fun among its core values really made the company stand out from the crowd. In addition, everything I found from my research indicated that this was a company with a reputation for its ability to deliver in the marketplace and for recognising and developing its staff.
"The programme certainly hasn’t disappointed me. Through various rotations, I have been given the enviable opportunity to see how the different pieces of the security business fit together and to work with some extremely experienced and knowledgeable teams and individuals. My roles have included participating in activities such as site and supplier assurance, risk assessment and security incident investigations. I think rotating around different teams is a great idea. It has really helped me build my skills, grow my contacts and decide which aspect of security to focus my career on.
"Looking back, I can see how much I have gained from the graduate programme. As somebody new to my security career, the training, mentoring and coaching that has been made available to me has been invaluable. Having really enjoyed my time investigating incidents, I made the decision to apply for a role in the team when the opportunity arose. The management team here has been extremely supportive of my passion to develop my career in this area and I was fortunate enough to be selected for the position and to join the team full-time earlier this year."
"My role is ideally suited for me as I have great interest in understanding how the bad guys operate. Many think of the bad guys, or 'hackers', as stereotypical, malicious teenagers living in their parent’s basements. The truth is today's cyber criminals can be exceptionally professional and organised and the level of technical expertise that they require to run a cybercrime business continues to decrease. Easy to use automated hacking software includes features such as business intelligence dashboards, installation guides, video tutorials and even full technical support. Increasingly, such developments are leading criminals to view cybercrime as both a low risk and high reward alternative to other criminal activities.
"Hacker groups are becoming household names and recent news stories have told of numerous large companies who have had their data stolen and websites taken down. Approximately 250,000 new pieces of malware and 30,000 new infected websites appear every single day and the numbers are continually increasing. This issue is compounded by a shifting IT landscape that is increasing the presence of technologies such as mobile and cloud computing, IPv6 (Internet Protocol version 6), Bring Your Own Device (BYOD) and social media in the enterprise. These trends are making it harder, not easier, for companies to keep their data safe. That’s what makes the work that our team performs so interesting and so vital.
"No organisation can guarantee that they will not fall victim to intrusions or other malicious activity. When security incidents occur, it’s critical for organisations to have an effective response. The speed with which an organisation can recognise, analyse, and respond to an incident limits the damage and cost of recovery. However, speed must always be balanced with accuracy and this can be a challenging balancing act when the client is understandably concerned and wanting immediate answers."
"To gain a better understanding of how attacks happen and therefore how we can best respond to them I’m currently supplementing my training with a large amount of self-study and hope to obtain the Offensive Security Certified Professional (OSCP) certification before the end of the year. This certification builds on the foundations I’ve gained from the CEH, but is much more hands-on and pushes you much, much further. The final exam is hands-on, 24 hours long, and, by all accounts, is extremely challenging.
"To sum up, my time here has been great. I’m now looking forward to developing my career further within security and making the most of each and every opportunity I can. I have a passion for being a subject matter expert on security vulnerabilities, exploits and digital forensics. I feel that, with the continued success of our Security services, this is the ideal environment to achieve my goal."